CVE-2012-4429
published 2012-10-01CVE-2012-4429: Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.
PriorityP428medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
2.38%
81.8th percentile
Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.
Affected
110 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| david_king | vino | <= 3.4.2 | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
| david_king | vino | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Vino vulnerability
vendor_ubuntu·2013-01-22
CVE-2012-4429 Vino vulnerability
Title: Vino vulnerability
Summary: Vino could be made to expose sensitive information over the network.
It was discovered that Vino incorrectly transmitted clipboard activity
before authenticating the remote connection. A remote attacker could
connect to Vino and monitor clipboard activity.
Instructions: After a standard system update you need to restart your session to make all
the necessary changes.
Red Hat
vino: information leak and authentication bypass
vendor_redhat·2012-06-20·CVSS 5.0
CVE-2012-4429 [MEDIUM] vino: information leak and authentication bypass
vino: information leak and authentication bypass
Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.
Package: vino (Red Hat Enterprise Linux 5) - Not affected
Debian
CVE-2012-4429: vino - Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard ac...
vendor_debian·2012·CVSS 5.0
CVE-2012-4429 [MEDIUM] CVE-2012-4429: vino - Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard ac...
Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.
Scope: local
bookworm: resolved (fixed in 3.8.1-1)
bullseye: resolved (fixed in 3.8.1-1)
GHSA
GHSA-9338-252x-62pc: Vino 2
ghsa_unreviewed·2022-05-17
CVE-2012-4429 [MEDIUM] CWE-200 GHSA-9338-252x-62pc: Vino 2
Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.
OSV
CVE-2012-4429: Vino 2
osv·2012-10-01·CVSS 5.0
CVE-2012-4429 [MEDIUM] CVE-2012-4429: Vino 2
Vino 2.28, 2.32, 3.4.2, and earlier allows remote attackers to read clipboard activity by listening on TCP port 5900.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2012-4429 vino: information leak and authentication bypass
bugzilla·2012-09-13·CVSS 5.0
CVE-2012-4429 [MEDIUM] CVE-2012-4429 vino: information leak and authentication bypass
CVE-2012-4429 vino: information leak and authentication bypass
It was reported [1],[2] that vino transmits all clipboard activity to anything listening on port 5900, including to clients that have not authenticated. If a user were to have vino enabled (including requiring authentication), a remote user could access the port and see anything the user added to the clipboard sent over the port.
To reproduce, enable vino with password protection (i.e. execute vino-preferences). Connect to the VNC port (either locally or remotely), for instance:
% nc -4 odvfc17 5900
RFB 003.007
@??zsh: command not found: zsh:@??[vdanen@odvfc17]
The above two bits of output are from copying in the GNOME terminal, locally, on the system running vino.
The above was tested with Fedora 17's 3.4.2 version; the r
Bugzilla
CVE-2012-4429 vino: information leak and authentication bypass [fedora-18]
bugzilla·2012-09-13·CVSS 5.0
CVE-2012-4429 [MEDIUM] CVE-2012-4429 vino: information leak and authentication bypass [fedora-18]
CVE-2012-4429 vino: information leak and authentication bypass [fedora-18]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&
http://rhn.redhat.com/errata/RHSA-2013-0169.htmlhttp://secunia.com/advisories/50527http://www.openwall.com/lists/oss-security/2012/09/13/25http://www.openwall.com/lists/oss-security/2012/09/14/1http://www.securityfocus.com/bid/55548http://www.ubuntu.com/usn/USN-1701-1https://exchange.xforce.ibmcloud.com/vulnerabilities/78602http://rhn.redhat.com/errata/RHSA-2013-0169.htmlhttp://secunia.com/advisories/50527http://www.openwall.com/lists/oss-security/2012/09/13/25http://www.openwall.com/lists/oss-security/2012/09/14/1http://www.securityfocus.com/bid/55548http://www.ubuntu.com/usn/USN-1701-1https://exchange.xforce.ibmcloud.com/vulnerabilities/78602
2012-10-01
Published